Review of Transport Canada's Procurement Practices for Selected Vendors

Internal audit report outlining the results of the Review of Transport Canada's Procurement Practices for Selected Vendors.

Purpose

Transport Canada's (TC) Internal Audit (IA) team was asked to conduct a targeted review of the department's procurement practices related to specific vendors, following the allegation of potential corruption and extortion in federal government contracting practices raised at Standing Committee on Government Operations and Estimates (OGGO) meetings in October and November 2023.

This review was not on the Risk-Based Audit and Evaluation Plan (RBAEP) for this fiscal year and was added at the request of senior management.

To produce timely and relevant results, the review was designed to be completed within six weeks from late October to December 2023.

Background information

Policies and guidance materials

All procurement activities in the Government of Canada (GC) are subject to the Directive on the Management of Procurement and, prior to May 13, 2022, were subject to the since-rescinded Contracting Policy.

  • The policies help ensure the GC procures goods and services that meet its requirements to support the delivery of programs and services to Canadians, while ensuring best value to the Crown.
  • To help achieve this objective, the GC procurement activities are expected to:
    • be effectively managed to enable operational outcomes and best value to the Crown.
    • incorporate risk, life cycle cost and performance information in the decision-making.
    • establish effective governance and oversight mechanisms.

Organizations follow their own policy and guidance procedures, in addition to Treasury Board (TB) contracting policies and directives, for guidance on their organization's procurement activities.

Public Services and Procurement Canada's (PSPC) Supply Manual also contains additional guidance procedures for the GC procurement process. Departments and agencies are encouraged to use it for general knowledge on procurement activities.

Main offices involved

For the contracts within the scope of this review, two main offices were involved in the management of the procurement activities within TC. Both offices worked closely with the contracting officers in PSPC. The two offices were:

  • TC Procurement within Corporate Services, responsible for managing the majority of the procurement activities within the department.
  • The procurement team within the Service and Digital Group (SDG), responsible for managing and monitoring the Task Authorizations against the Task Based Informatics Professional Services (TBIPS) contracts.

Key context

During the review period from late October 2023 to early December 2023, both the SDG and TC procurement teams were also tasked with responding to a number of urgent OGGO inquiries and documentation requests while maintaining their operational capacity. The added responsibilities may have impacted their ability to respond to our requests.

In December 2023, PSPC removed all departments' delegated authority to issue Task Authorizations and communicated new Task Authorization guidance procedures, which required immediate changes to the services provided by the SDG procurement team to the IT branches in the department.

On December 15, TC Procurement and SDG procurement teams organized an information session with the Responsibility Centre (RC) community in TC to explain PSPC's new guidance, which aims to improve procurement controls for contracts and Task Authorizations. The new guidance enhances controls in many areas including the preparation of Statements of Work (SOWs) with details on deliverables and outcomes, security verification, and approvals.

Objective

The review provides an independent assessment of TC's procurement practices related to the vendors implicated in the allegations raised at the October and November 2023 OGGO proceedings related to the development of the ArriveCan application. For the selected vendors, this targeted review assessed the compliance of procurement practices with government contracting policies and TC's internal contracting processes and control frameworks.

The review included procedures to identify indicators of fraud. When indicators of fraud are detected, IA shares the relevant evidence with appropriate authorities for further investigation.

Scope

The review's scope included the following three individual IT service vendors and a joint venture of two vendors, as identified in the OGGO proceedings related to development of the ArriveCan application.

Vendors included in the review:

  • GC Strategies Inc.
  • Dalian Enterprise Inc.
  • Coradix Technology Consulting Ltd.
  • Dalian Enterprises and Coradix Technology Consulting, in Joint Venture

The review included contracts and other contractual arrangements awarded to the selected vendors and joint venture by both PSPC and TC from December 2016 to September 2023. The review period was selected to align with the federal government's seven-year document retention period and to ensure the coverage of all contracts awarded to GC Strategies, identified in the OGGO proceedings as the primary contractor of interest.

A sample of contracts, Task Authorizations and invoices was selected for examination based on a sampling strategy that considered the risk factors identified in the OGGO proceedings.

Samples included in the review:

  • 8 contracts with a total awarded value of $43,291,431 and a total expenditure of $22,224,077 as of November 17, 2023. All four contracts awarded to GC Strategies Inc. were included. An overview of the contracts is in Annex A.
  • 22 Task Authorizations
  • 45 invoices which included all 9 invoices paid to GC Strategies

The review excluded interviews with PSPC contracting officers and contract documentation maintained by PSPC contracting authorities to avoid adding further pressure on PSPC's operational capacity given their direct involvement supporting the OGGO proceedings.

  • At the time of the review, PSPC was tasked to respond to several high priority OGGO inquiries and document requests.
  • Also, in December, PSPC took on additional responsibilities to process Task Authorizations after they issued new guidance procedures and removed departments' delegated authorities to issue them.

Approach

The review criteria and test procedures are based on the standard audit program developed by the Office of the Comptroller General (OCG) for a recent horizontal audit of federal government consulting contracts awarded to McKinsey & Company. The audit criteria were relevant as the horizontal audit had a similar objective.

In the planning phase of this review, IA revised the OCG audit criteria and test procedures to reflect TC's departmental processes and current context based on the specific risk factors identified in the OGGO proceedings, the results of the preliminary interviews with TC Procurement and SDG procurement teams, and recent OCG guidance on contract risk and controls (Potential Departmental Risks, Controls and Internal Audit Approaches for Government Contracting, OCG, November 2023).

Due to time constraints and the review's narrow focus, IA strictly applied the criteria and test procedures to assess compliance based on the procurement documentation on file.

Criteria

IA applied the following review criteria and sub-criteria to assess compliance with government procurement policies and regulations. Full details are presented in Annex B.

Review Criteria and Sub-Criteria Areas:

  1. Procurement activities comply with government contracting policies and regulations.
    1. Procurement process – for competitive contracts
    2. Procurement process – for non-competitive contracts
    3. Processes for Task Authorizations
    4. Contract management (amendments, contract security requirements, and contract performance)
    5. Delivery of services and Section 34
    6. Pro-active disclosure of contracts
  2. Procurements comply with TC's internal contracting processes and controls.
    1. Procurements comply with TC's internal contracting processes and controls.

Summary of key observations

The review identified observations related to the following four key risk areas which led to two recommendations.

  1. Monitoring the allocation of work to vendors for TBIPS contracts
  2. Amendments to Contracts and Task Authorizations
  3. Roles and Responsibilities of a Technical Authority (TA)
  4. Information Management and Supporting Documentation for Task Authorizations and Contracts

In addition, IA identified the following four risk areas that could be considered for future assurance work.

  1. Delivery of Services and Section 34 Certification
  2. Section 32 Certification
  3. Contract Performance
  4. Pro-Active Disclosure

IA also assessed the following areas and did not identify major non-compliance issues for the sampled contracts:

  • The procurement process, from bid solicitation to contract award, for the sampled contracts awarded by TC. 
  • Departmental compliance with government requirements on Indigenous Set-Aside contracts.
  • Compliance with departmental procurement controls.

Full detail of all observations by review criteria is available in Annex B.

Key observation 1

Monitoring the allocation of work to vendors for TBIPS contracts

To help ensure fairness and transparency, the contracts defined the rules for when and how to issue Task Authorizations to each vendor and required the government to ensure that the dollar value of the Task Authorizations issued to the vendors was proportionally balanced.

A process had been put in place for monitoring the fair allocation of work through Task Authorizations to vendors, but the process has not been maintained for the last few years for the four TBIPS contracts in our sample.

  • Not having an effective monitoring process could lead to the risk of non-compliance with contract requirements and could lead to potential unfair practices in the allocation of work.
  • To help address this risk, the SDG procurement team communicated that they have started to update the funding allocation spreadsheets and were actively exploring the Power BI dashboard tools managed by TC's Corporate Services to help improve the expenditure tracking process for Task Authorizations.

Key observation 2

Amendments to contracts and Task Authorizations

The principles of contract amendments, such as ensuring best value for the GC, clear definition of work for an amendment, and proper pre-planning to avoid unanticipated amendments, are defined in the TB Contracting Policy (Footnote 1).

We found that delegation of authority was respected for all sampled contracts and Task Authorizations. However, there was a high volume of amendments with no documented rationale explaining the need for amending the original contracts or Task Authorizations.

  • Creating amendments that change the length or value of contracts or Task Authorizations without a documented rationale, such as a clear description of a change in the scope of work or how the amendment is in the best interests of the government (saves money or time), does not meet TB Contracting Policy's principles for contract amendments.
  • To help address this risk, in December, PSPC communicated new guidance to departments with the objective of enhancing controls around contracts and Task Authorizations, including amendments.

Key observation 3

Roles and responsibilities of a Technical Authority

We did not find any written documentation in the department that explains the specific roles and responsibilities of a TA. For the Task Authorizations against a TBIPS contract managed by SDG, there was no defined process for determining who the TA should be.

  • The four TAs we interviewed had varying technical expertise and different understandings of the role of a TA. Some felt more clarity on the roles and responsibilities of a TA and written guidance would be helpful in the management of TBIPS contracts where many stakeholders are involved.
  • Although it is not a mandatory policy requirement for departments to do so, it would be good practice to create written guidance to define the roles and responsibilities of the TA, project authority, and contracting authority. Some departments, such as the Department of National Defence (DND) and the Canada Border Services Agency (CBSA), have created agreements and RACI (Responsible, Accountable, Consulted, Informed) charts to clarify roles and responsibilities.
  • To help address this risk, the SDG procurement team informed IA, at the time of this review, that they are preparing a process map that will clarify the roles and responsibilities of the main parties involved in the contracting process for Task Authorizations.

Key observation 4

Information management and supporting documentation for Task Authorizations and contracts

Many supporting documents for the sampled Task Authorizations could not be located within the time available for this review. Some interviewees also raised concerns over information management practices for Task Authorization documentation, such as the difficulty in finding information in the generic email inbox.

  • To help address this risk, the SDG procurement team communicated that they were aware of the gap and were in the process of implementing changes to improve the existing information management processes for Task Authorizations.

Résumés and Evaluation Grids for Task Authorizations: IA reviewed the documentation on file for the 22 sample Task Authorizations which included 37 contracted resources. We were not able to find all mandatory required contract documentation, which included résumés and evaluation grids that are important documentation for demonstrating whether the contracted resource met the required qualifications.

Security Clearance: Most of the Security Requirements Checklists (SRCL) were on file for the 8 sampled contracts, but some had missing information, such as the contract number. For the 22 sampled Task Authorizations, security requirements were defined, as required; however, 16 of the 22 were missing evidence on file confirming the valid security status of the contracted resources.

  • To help address this risk, PSPC has initiated their own reviews of contractor qualifications and security clearance following the OGGO proceedings. The department supported PSPC in its verifications. In December, PSPC also communicated new guidance to departments with the objective of enhancing controls around the evaluation of contractor qualifications and security clearance for Task Authorizations and contracts.

Other observations

1. Delivery of services and Section 34 certification

We found that the rates on the invoices matched the Basis of Payment in the contracts for all 45 sampled invoices.

Appropriate Section 34 approvals were provided for the invoices except for one case where the specimen card for the approver was missing and for some cases where the date of the approval was prior to the effective date of the specimen card.

For most of the 45 sampled invoices, we found some form of evidence attached for delivery of service, such as timesheets, progress reports or acceptance of deliverables by a project authority.

2. Section 32 certification

IA found most of the documentation needed to demonstrate that Section 32 authority was performed by the appropriate delegated authority for the sampled contracts and authorizations.

The existing process for accessing historical specimen cards for departed employees appeared to be time consuming. TC's Corporate Services informed us that access to specimen cards will be simplified going forward as all specimen cards are now being saved in Oracle, as part of a new process that was recently implemented.

3. Contract performance

Within the time available for this review, no documentation was found that supported the monitoring of contract performance for all 8 sampled contracts and 22 Task Authorizations, e.g., progress meeting minutes, etc.

4. Pro-Active disclosure

We found that all contracts and Task Authorizations over $10,000 were disclosed, as required, but not all the Task Authorization amendments over $10,000 have been disclosed.

Some inconsistencies were also noted between the published information and the contract file data. TC Procurement informed us that they are now reviewing the quality of data on a quarterly basis.

Recommendations

Recommendation 1

ADM Corporate Services, in collaboration with ADM Service and Digital Group, should re-examine and clarify the roles and responsibilities regarding the management of TBIPS contracts and Task Authorizations in consideration of the recent changes to TC's delegated authority and contracting procedures.

Management Action Plan and Due Date:

  1. The recently developed TBS “Manager's Guide: Key considerations When Procuring Professional Services” was disseminated to managers at TC. Due date: Completed
  2. A roles and responsibilities guidance document was created, and it will be re-examined. Due date: 2024-25
  3. TC will engage with PSPC/TBS regarding expectations and additional clarifications regarding the need for more outcome-based procurements. Due date: March 2025 pending conclusion of OGGO procurement study, Office of the Auditor General and Office of the Procurement Ombud reports and direction from Treasury Board Secretariat and PSPC

Recommendation 2

ADM Service and Digital Group, in collaboration with ADM Corporate Services, should improve the management and the oversight of TBIPS contracts and Task Authorizations in the following areas:

  1. Actively track and monitor contract expenditure to ensure the fair allocation of work distributed to vendors through Task Authorizations.
  2. Require clear justifications and Statements of Work for amendments to contracts and Task Authorizations.
  3. Define and document the roles and responsibilities of a Technical Authority and other important stakeholders in the contracting process.
  4. Improve and define information management practices; clarify and communicate information management guidance to the RC community, particularly around the supporting documentation retention process for key contract supporting documents, e.g., evidence for delivery of service, contract performance, résumés and evaluation grids, security clearance documents, etc.

Management Action Plan and Due Date:

  1. SDG in consultation with Corporate Services will develop and/or update tools, processes and procedures to enhance the tracking and monitoring of contract expenditures. Due date: Q2 FY 2024-25
  2. SDG in collaboration with Corporate Services will share best practices and examples to strengthen the rigour and clarity of justifications and SOWs for contract amendments and Task Authorizations. Due date: Q1 FY 2024-25
  3. Corporate Services will re-examine the existing roles and responsibilities for Technical Authorities and stakeholders, and work with SDG to improve awareness. Due date: Q2 FY 2024-25
  4. SDG and Corporate Services will jointly develop a new Information Management repository in SharePoint to better share, retain, and document contracting related activities. Due date: Q4 2024-25

Annex A – Contract sample overview

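Contract number: T8080-190282

  • Vendor: GC STRATEGIES INC
  • Procurement Type: Non-competitive call-up against a Supply Arrangement
  • Purpose of Contract: To design and develop a framework for providing briefing materials for incoming senior departmental officials in an electronic format.
  • Contract Start Date: 9/6/2019
  • Contract End Date: 12/31/2019
  • Contract Amount (including taxes): $24,563
  • Expenditure To Date (including taxes): $24,563

Contract number: T8080-190219

  • Vendor: GC STRATEGIES INC
  • Procurement Type: Non-competitive call-up against a Supply Arrangement
  • Purpose of Contract: To implement a prototype digital and Cloud solution for the departing employee approval process.
  • Contract Start Date: 9/5/2019
  • Contract End Date: 3/31/2020
  • Contract Amount (including taxes): $25,000
  • Expenditure To Date (including taxes): $25,000

Contract number: T8080-170494

  • Vendor: GC STRATEGIES INC
  • Procurement Type: Competitive call-up against a Supply Arrangement
  • Purpose of Contract: To provide a Data Conversion Specialist and a Web Designer to support a pilot project investigating the feasibility of artificial intelligence to support its risk-based approach to surveillance and inspection activities specifically in its pre-load cargo manifest pilot program in the Aviation Security program.
  • Contract Start Date: 2/13/2018
  • Contract End Date: 5/31/2018
  • Contract Amount (including taxes): $105,260
  • Expenditure To Date (including taxes): $105,260

Contract number: T8080-160301

  • Vendor: GC STRATEGIES INC
  • Procurement Type: Non-competitive call-up against a Supply Arrangement
  • Purpose of Contract: To provide one experienced Service Designer with experience in User Interaction (UX) and Interface (UI) design, to participate in the implementation of the National Plan for Online Services.
  • Contract Start Date: 4/28/2017
  • Contract End Date: 3/31/2018
  • Contract Amount (including taxes): $24,578
  • Expenditure To Date (including taxes): $24,578

Contract number: T8086-172450/003/ZM

  • Vendor: DALIAN ENTERPRISES AND CORADIX TECHNOLOGY CONSULTING, IN JOINT VENTURE
  • Procurement Type: Task Based Informatics Professional Services (TBIPS) Contract
  • Purpose of Contract: To provide resources to support TC's IM/IT operations - a number of different resource categories
  • Contract Start Date: 10/29/2019
  • Contract End Date: 10/28/2024
  • Contract Amount (including taxes): $8,227,076
  • Expenditure To Date (including taxes): $5,590,561

Contract number: T8086-172450/002/ZM

  • Vendor: CORADIX TECHNOLOGY CONSULTING LTD.
  • Procurement Type: Task Based Informatics Professional Services (TBIPS) Contract
  • Purpose of Contract: To provide resources to support TC's IM/IT operations - Workstream 7 Business Intelligence and Data Analytics Services
  • Contract Start Date: 8/1/2019
  • Contract End Date: 7/31/2024
  • Contract Amount (including taxes): $12,119,900
  • Expenditure To Date (including taxes): $4,706,394

Contract number: T8086-152167/008/ZM

  • Vendor: CORADIX TECHNOLOGY CONSULTING LTD.
  • Procurement Type: Task Based Informatics Professional Services (TBIPS) Contract
  • Purpose of Contract: To provide resources to support TC's IM/IT operations - Workstream 1 Operational Support
  • Contract Start Date: 12/21/2017
  • Contract End Date: 12/20/2023
  • Contract Amount (including taxes): $12,408,081
  • Expenditure To Date (including taxes): $4,867,672

Contract number: T8086-152167/004/ZM

  • Vendor: CORADIX TECHNOLOGY CONSULTING LTD.
  • Procurement Type: Task Based Informatics Professional Services (TBIPS) Contract
  • Purpose of Contract: To provide resources to support TC's IM/IT operations - Workstream 2 IM/IT Business Support
  • Contract Start Date: 12/21/2017
  • Contract End Date: 12/20/2023
  • Contract Amount (including taxes): $10,356,973
  • Expenditure To Date (including taxes): $6,880,049

Total

  • Contract Amount (including taxes): $43,291,431
  • Expenditure To Date (including taxes): $22,224,077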

Annex B – Detailed observations by criteria

Review criteria 1: Procurement activities comply with government contracting policies and regulations.
Table columns: Review Sub-Criteria; Test Procedures performed to confirm whether sub-criteria are met; Detailed Observations

Procurement process – for competitive contracts:

  • Bid selection method and evaluation criteria are clearly outlined in the bid solicitation document before the Request for Proposal is issued.
  • Bids were evaluated in accordance with the terms and conditions of the solicitation.
  • The contract was awarded to top ranked firm in accordance with the evaluation methodology.
  • Records of individual assessments, consensus evaluation, relevant decisions, approvals by all evaluators, and dates were documented and maintained.

1., 2. and 3. The procurement case files contain backup documentation for the bid solicitation, evaluation, vendor communication, and contract award processes. It is the responsibility of the contracting authority to maintain the procurement case files.

For this specific review sub-criteria, IA examined the contracts that were competitively tendered. Five of the 8 contracts in our sample met this criterion; however, procurement files were only available for 1 where TC was the contracting authority and maintained the procurement files.

The other 4 competitive contracts in our sample were the TBIPS contracts that were awarded by PSPC. These procurement case files were maintained by PSPC as they are the contracting authority. As explained in the Scope section, IA did not schedule interviews with PSPC contracting officers or request documentation from PSPC.

  • 1 of the 4 TBIPS contracts was an Indigenous set-aside contract.
  1. GC Strategies Contracts – Competitively tendered contracts: For the 1 competitive requirement where TC was the contracting authority, a request for proposals was issued to 4 suppliers but only 1 bidder responded, which was GC Strategies. IA found documentation for all the required procurement steps, from bid solicitation to contract award, compliant with government contracting policy. However, one point was raised for further examination by procurement specialists and technical experts to determine whether the SOW was overly restrictive. The resource requirements were very precise and detailed. In addition to a university degree, the resource had to have a minimum of four university courses at the Master's and PhD levels in Artificial Intelligence. The evaluation on file was completed and signed, as required, and it demonstrated that the resource met this criterion.
  2. All samples – Documentation for Section 32 approval and specimen cards: IA found most of the documentation needed to demonstrate that Section 32 authority was performed by the appropriate delegated authority.
    1. GC Strategies contracts: Proof of Section 32 approval, in the form of an electronic approval in Oracle, was on file for the 4 contracts awarded by TC Procurement.
    2. TBIPS contracts and Task Authorizations: Proof of Section 32 approval was on file for most samples except for the 4 TBIPS contracts that were awarded by PSPC and managed by the SDG procurement team. PSPC, as the contracting authority for the 4 TBIPS contracts, was responsible for maintaining the procurement case files. IA did not request documentation from PSPC during this review as explained in the Scope section.

The department has implemented a searchable database for finding active specimen cards; however, the database does not include specimen cards for some employees who have left the department. A different record-keeping system (recorded in RDIMS) was being used for departed employees, and locating records in it appears to be time consuming. In addition, TC's Corporate Services informed us that access to specimen cards will be simplified going forward as all specimen cards are now being saved in Oracle, as part of a new process that was recently implemented. As part of the RBAEP planning, IA may consider testing the effectiveness of the new process in the future.

  3. TBIPS contracts – Indigenous set-aside contract: IA reviewed government contracting policies, PSPC's Supply Manual and information on Indigenous Services Canada's (ISC) website to better understand the process for the Indigenous Business Directory (IBD) and for the verification of vendors' Indigenous business status.
    1. ISC's website provided information that defined the criteria for registering for the IBD that they manage. In addition, it also explained that ISC was responsible for conducting compliance audits to verify that the vendors registered in the IBD “meet the ownership, control and Indigenous content criteria”.
    2. PSPC's Supply Manual (Footnote 2) described procurement procedures for PSPC contracting authorities to request vendor certification for Indigenous business status during the bid solicitation process for Indigenous set-aside contracts. Contracting authorities and departments could request ISC to conduct a compliance audit as needed.
    3. Appendix E of the Directive on the Management of Procurement (Footnote 3) set out mandatory procedures for departments in the management of contracts awarded to Indigenous Business. Most of the procurement requirements pertained to the annual reporting process and TC Procurement confirmed that a process has been implemented for this purpose.

For the 1 TBIPS contract in our sample, IA did not assess the supporting documentation for the bidding process to confirm if the vendor provided a certification on its Indigenous business status. PSPC was the contracting authority, and the review did not include documentation maintained by PSPC (more details explained in the Scope section). However, IA confirmed that the vendor, Dalian Enterprises and Coradix Technology Consulting in joint venture, was a registered vendor in the IBD. IA did not perform further test procedures as part of this review and has identified it as a potential risk area for consideration in the RBAEP.

Procurement process – for non-competitive contracts:

  • There is documentation to support the justification and approvals for sole-source procurement contracts in accordance with section 6 of the Government Contracts Regulations.
  • There is no evidence of contract splitting. 

1. and 2. In our sample of 8 contracts, 4 were awarded by TC. Three of these 4 contracts were non-competitive contracts against a supply arrangement.

As TC was the contracting authority for all 3 non-competitive contracts, IA was able to obtain the procurement case files and completed its review.

We also looked at the time frame and scope of the 3 non-competitive contracts to determine if there was evidence of contract splitting.

  1. GC Strategies contracts – Non-competitive contracts: The 3 non-competitive contracts against a Supply Arrangement in our sample represented all non-competitive contracts that the department has awarded to GC Strategies since 2011. Each contract had a value less than $25,000.

IA reviewed all documentation in the procurement case file and found the documentation for all the required procurement steps, from preparing the SOW to contract award, compliant with government contracting policy. Each contract case file included a valid justification for sole source that met 1 of the 4 reasons listed in section 6 of the Government Contracts Regulations. In addition to the reason that the value of the contract was under $25,000 which is one of the four valid reasons for a sole-source, all 3 contracts provided additional rationale to justify the reason to sole-source.

  2. GC Strategies contracts: No evidence of contract splitting was found in these 3 non-competitive requirements. Although 2 contracts were awarded a few days apart, the scope of the work was different. One contract was solution-based with a firm fixed price and the objective was to develop a pilot application that digitized the approval process for departing employees. The other contract was on a per-diem basis with an objective of developing a digital solution for the transition binder material for senior management. In addition, the funding for the 2 contracts was from different RCs.

Processes for Task Authorizations:

  • Procurement process followed aligns with the specific requirements prescribed in the contract with Task Authorizations, supply arrangement or standing offer.
  • Processes and oversight exist to help prevent unfair practices or preferential treatment in the allocation of work through Task Authorizations to vendors.

1., 2. and 3. IA conducted interviews with 4 TAs out of the 11 in our sample.

  • We met with the 2 TAs who are still working in TC.
  • The other 9 have left TC. We contacted 4 former TC TAs using their current government email address and were able to meet with 2 during the time available to complete the review.

The team also interviewed the SDG procurement and TC procurement teams to understand the available guidance and current practices.

IA examined all the required documentation for the issuance of a Task Authorization on file. We also reviewed relevant documentation pertaining to the monitoring of allocation of work.

  1. TBIPS contracts – Roles and responsibilities of a Technical Authority (TA): While the contracts contained a standard clause that provided a basic definition of a TA, in contractual terms, as someone the vendor can contact to discuss technical matters, we did not find any written documentation in the department that explains the specific roles and responsibilities of a TA. For the Task Authorizations against a TBIPS contract managed by SDG, there was no defined process for determining who the TA should be. The 4 TAs we interviewed had varying technical expertise and different understandings of the role of a TA. One TA worked directly with the contracted resource and was involved in defining the work and monitoring performance. However, all other TAs we interviewed did not work with the contracted resources, nor were they involved in defining work requirements/monitoring performance. Some felt more clarity on the roles and responsibilities of a TA and written guidance procedures would be helpful in the management of TBIPS contracts where many stakeholders are involved.

Although it was not a mandatory policy requirement for departments to create written guidance procedures to define the roles and responsibilities of the TA, project authority, and contracting authority, as a good practice some departments such as DND and CBSA have created agreements and RACI (Responsible, Accountable, Consulted, Informed) charts (Footnote 4).

At the time of the review, the SDG procurement team informed IA that they are preparing a process map that will clarify the roles and responsibilities of the main parties involved in the contracting process for Task Authorizations.

  1. TBIPS contracts – Information management: Although information management was not an area of focus for this review, IA found that many supporting documents for the sampled Task Authorizations could not be located within the time available for this review. Some interviewees also raised concerns over information management practices for Task Authorization documentation. The SDG procurement team communicated that they were aware of the gap and were in the process of implementing changes to improve the existing information management processes for Task Authorizations.
  2. TBIPS contracts – Supporting documentation for Task Authorizations: TBIPS contracts contained contract clauses that defined the process for issuing a Task Authorization and the required supporting documentation, which included:
    1. A Task Authorization form that contained work requirements, the required category and level of resources, number of days, security requirements, etc.
    2. A résumé, proposed resource's security information, and a completed/signed qualification evaluation grid that clearly demonstrated how the proposed resource meets government's required qualification. These documents were to be provided by the vendor for each proposed resource.
    3. Certifications for the proposed resource that were signed by the vendor to provide attestation to the authenticity of proposed resource's education background. This document was not defined in the contract as mandatory but rather to be used as applicable. The contract also contained a clause that allows the government to perform verifications on the compliance to the certification during the contract period.

IA reviewed the documentation on file for the 22 sample Task Authorizations which included 37 resources. We were not able to find all mandatory required contract documentation, which included résumés and evaluation grids that were important documentation for demonstrating whether the contracted resource met the required qualifications. Specifically, we found that:

  1. 22 Task Authorization forms were completed and signed as required.
  2. 8 out of 37 résumés were on file and 15 out of 37 evaluation grids were signed and fully completed (9 additional evaluation grids were signed but not fully completed).
  3. 13 out of 37 resources had a signed certification by the vendor.
  1. TBIPS contracts – Monitoring the allocation of work to vendors: A process had been put in place for monitoring the fair allocation of work through Task Authorizations to vendors, but the process has not been maintained for the last few years. The 4 TBIPS contracts in our sample were set up to allow multiple qualified vendors to receive work, through Task Authorizations, under the same requirement (referred to as a workstream). To help ensure fairness and transparency, the contract defined the rules for when and how to issue Task Authorizations to each vendor and required the government to ensure that the dollar value of the Task Authorizations issued to the vendors was proportionally balanced based on their allocated amount of funding established in the bid solicitation/evaluation process. The department was also expected to review the Task Authorizations at six-month intervals and at the beginning of each fiscal year to confirm proportional utilization and utilization of the Task Authorizations.

The SDG procurement team confirmed that a process had been established, through the use of a funding allocation spreadsheet, to track the value of Task Authorizations to each vendor under a workstream. However, this spreadsheet has not been maintained for the last few years. Interviewees identified several possible reasons for not maintaining the tracker such as limited team capacity being tied up by managing a high volume of amendments to Task Authorizations, lack of written guidance procedures, and lack of training for the staff.

IA performed some reconciliation of the funding allocation spreadsheets on file for the 4 sample TBIPS contracts by comparing the spreadsheet data to the Task Authorization data and the data from TC's corporate Oracle financial system and confirmed that there were inconsistencies. However, IA did not have enough data to perform 100% reconciliation. The current data in the spreadsheet showed that the expected allocation percentage of approximately 33% per vendor was not being respected. For example, for one of the sample contracts (for Workstream 3), the expected allocation percentage of Task Authorizations to each vendor was 33%, but the summary showed 25%, 42% and 33% to the three vendors – TPD, Coradix and SI Systems. Not having an effective monitoring process of the funding allocations to vendors could increase the risk of non-compliance to contract requirements and could also lead to potential unfair practices in the allocation of work.

The funding allocation spreadsheets were also being set up for the purpose of ensuring that the cumulative value of the Task Authorizations did not exceed the total value of the contract. The SDG procurement team confirmed that the PSPC contracting authority and the vendor also maintained their own tracking. However, the information may not always be aligned. TC Procurement also confirmed that they implemented additional measures to help ensure the expenditures did not exceed the contract limit. Having different sources of tracking information could create duplication of efforts and could also increase the risk of misinformed decisions based on outdated data. At the time of the review, the SDG procurement team expressed that they have started to update the funding allocation spreadsheets and were actively exploring the Power BI dashboard tools managed by TC's Corporate Services to help improve the expenditure tracking process for Task Authorizations.

Contract management:

  • Contracts and amendments – Contracts and amendments are approved by appropriate authorities prior to the receipt of services.
  • Security – Security requirements are addressed to ensure compliance with the provisions of the Policy on Government Security.
  • There's oversight of contracts in place to ensure the delivery of services meets the provisions of the contract in terms of quality, standards, service levels, etc.
  1. IA examined the sample of 8 contracts, 22 Task Authorizations, as well as any amendments that were made to assess that:
    • amendments are kept on file and are signed;
    • appropriate justification was provided for amendments;
    • amendments were signed by both the department and the vendor (all while respecting delegation of authorities).
  2. IA examined the documentation on file for all sampled contracts to assess if a Security Requirements Checklist (SRCL) was completed and signed to define security requirements. For Task Authorizations, we reviewed Task Authorization forms to assess if security requirements are defined for each resource and if it is compliant with minimum security requirements in the contract SRCL. Furthermore, we also assessed whether a confirmation from Departmental Security was on file to confirm the status of a valid security clearance for the contracted resource.
  3. IA interviewed TAs, TC Procurement and SDG Procurement to understand the process for monitoring contract performance. We have also requested documentation related to performance monitoring, as permitted by the contracts, such as progress review meeting minutes, communication with vendors, etc. 
  1. Full sample – Contracts and amendments: IA reviewed the contracts, Task Authorizations and associated amendments in our sample.
    1. TBIPS contracts – We found that delegation of authority was respected for all 22 sampled Task Authorizations. However, there was a high volume of amendments to Task Authorizations which led to increased administrative work in the SDG procurement team. In addition, the justifications and the SOW for the amendments did not explain the rationale for increasing the length and value of Task Authorizations. PSPC was the contracting authority for the majority of the ones reviewed. Of these 22 Task Authorizations, 19 had amendments. We found the majority of the amendments on file with a few exceptions. The range of amendments per Task Authorization varied widely from one amendment to 10 amendments. Some amendments extended the length of time by more than 2 years for the same resource.
    2. GC Strategies contracts – Of 8 sampled contracts, 4 were awarded to GC Strategies and 1 had amendments (i.e. two amendments). We found all documentation on file and the delegation of authority was respected. However, the justifications for the amendments did not explain the rationale for increasing the duration and the value of the contracts.

IA reviewed the contracting policy and PSPC's Supply Manual and found that rules around revisions/amendments to Task Authorizations are loose. The only written guidance we found for revisions to Task Authorizations was in PSPC's Supply Manual, which stated “the client may revise a Task Authorization that it originally authorized subject to the work being within the scope and value of the contract as well as within the client authority limit set in the contract. Any revision to the Task Authorization is subject to concurrence by the contractor. A Task Authorization revision, which will bring the Task Authorization value above the client Task Authorization limit, must be referred to the contracting officer.”

TC Procurement indicated that revisions to a Task Authorization should be subject to the same principles as a contract amendment. The principles of contract amendments were defined in TB's contracting policy (Footnote 5) as:

  1. Contracts should not be amended unless the amendments are in the best interest of the government, because they save dollars or time, or because they facilitate the attainment of the primary objective of the contract.
  2. Work definition should be carefully developed.
  3. Contracts should then be properly administered to avoid unanticipated amendments except to change the scope of the work.
  4. Amendments to existing contracts often call for more administrative work and little can be done through competition to encourage the contractor to do additional work or respond to changes at the lowest possible cost.
  5. Every effort should be made to avoid inadequate pre-planning, resulting in amendments to change the design, specification or quantity involved.

Creating amendments that change the length or value of contracts or Task Authorizations without a documented rationale, such as a clear description of a change in the scope of work or how the amendment is in the best interests of the government (saves money or time), does not meet TB's Contracting Policy's principles for contract amendments. Extending the contract with the same resource for a prolonged period of time could also increase the risk of an employer-employee relationship and create a dependency on a small group of contracted resources with technical knowledge, especially if a knowledge transfer process is not set up.

As described in the Background section, in December PSPC also communicated new guidance to departments with the objective of enhancing controls around contracts and Task Authorizations, including amendments.

  1. Full sample – Contract security requirements: Most of the Security Requirements Checklists were on file for the 8 sampled contracts, even though some had missing information. For the 22 sampled Task Authorizations, security requirements were defined, as required, for all 22; however, 16 of the 22 were missing evidence on file confirming the valid security status of the contracted resources.

    A SRCL identifies security requirements in contracts, and both government policies and TC's Departmental Security standard stipulated that a SRCL is mandatory when security requirements are identified for each contract.

    In reviewing the SRCL, we found that:

    1. GC Strategies contracts: For 3 of the 4 contracts, a signed SRCL was either on file or deemed “not required” by a TC security advisor. For the 1 remaining contract, a SRCL was missing in the procurement file.
    2. TBIPS contracts: A SRCL was on file and signed for all 4 TBIPS contracts. However, some checklists were incomplete. For example, 2 SRCLs were missing the contract number.
    3. Task Authorizations: A SRCL is not required for Task Authorizations. Instead, the department is expected to define the contracted resource's security requirements in the Task Authorization form, and to verify that the contracted resource's security clearance is valid. For the 22 sampled Task Authorizations, we found that:
      1. All 22 Task Authorization forms identified the security requirements, as required, for contracted resources which met at least the minimum requirement in the SRCL for the contract.
      2. However, 16 were missing evidence on file that confirmed the contracted resources had a valid security clearance status.

IA did not perform further test procedures to examine the contract security process as part of this review. Following the OGGO proceedings, PSPC has also been asked to verify the security clearance for all past and active contracted resources with the 3 vendors, and TC submitted the names of the resources to support PSPC's verification. As described in the Background section, in December PSPC also communicated new guidance to departments with the objective of enhancing the controls around contract security verifications for contracts and Task Authorizations.

  1. Full sample – Contract performance: Within the time available for this review, no documentation was found that supported the monitoring of contract performance for all 8 sampled contracts and 22 Task Authorizations. Some interviewees indicated that the business owners or project authorities were primarily responsible for monitoring contractor performance as they worked directly with the contracted resources. One of the TAs we interviewed worked directly with contracted resources and indicated that the performance was being monitored but no documentation was kept. Oversight and monitoring of contract performance can help ensure that the delivery of services meets quality standards and that the government receives value for money.

    IA did not perform additional test procedures to interview business owners or project authorities for assessing their practices. The information management challenge that IA noted earlier could have also contributed to the difficulty in locating the documentation in procurement files within the time available. This area has been noted as a risk for consideration in the RBAEP exercise to identify future assurance work.

Delivery of services and Section 34: Certification authority (Section 34 of the Financial Administration Act) is performed by someone with the delegated authority and there is rigour in ensuring the delivery of services and correctness of the payment requested.

IA examined a sample of 45 invoices and the associated supporting documentation including contracts, Task Authorizations, invoices, time sheets and financial system print screens and approval specimen cards in order to assess that:

  • there was evidence for delivery of services;
  • proper Section 34 approval was granted;
  • appropriate rates have been charged for the services rendered.

Full sample – Delivery of services and Section 34 certification: We found that the rates on the invoice matched the Basis of Payment in the contracts for all 45 invoices reviewed. Appropriate Section 34 approvals were provided for the invoices except for 1 case where the specimen card for the approver was missing and for some cases where the payment was made prior to the effective date of the specimen card. In addition, we could not find evidence for delivery of service for all the invoices reviewed.

  1. GC Strategies contracts: 9 of 45 invoices were paid to GC Strategies Inc. They represented all invoices paid to this vendor since 2011. We did not find evidence for delivery of service for 2 invoices. Specifically:
    1. 7 invoices had corresponding evidence for delivery of service, such as timesheets or an indication on the invoice that the project authority has accepted the deliverable. The remaining 2 did not have any evidence on file. This included 1 invoice for a non-competitive contract with a firm fixed price of $22,123.85 for the delivery of a pilot application that digitized the approvals for departing employees.
    2. For the timesheets that were provided and attached to the invoices, 2 included some detail describing the tasks that were performed while others did not. In addition, these timesheets, except for one, were signed by a TC representative.
  2. TBIPS contracts: 36 of 45 invoices were under the TBIPS contracts. A similar issue was noted regarding missing evidence for delivery of service, such as progress reports as required by the TBIPS contracts. Specifically:
    1. 3 invoices had a progress report as required by the contract to show hours worked and the tasks performed.
    2. 35 invoices had timesheets with no details on tasks performed.

      Section 34 approvals are expected to be exercised prior to issuance of payments to certify that goods have been provided or services have been rendered. Not having the appropriate documentation on file made it difficult to demonstrate that the work, as agreed to in the contract, was ultimately performed, and that value for money was derived for the Crown.

      IA reviewed the invoices and corresponding documentation and interviewed Technical Authorities and the TC Procurement and SDG procurement teams. However, IA did not interview RC managers to assess the Section 34 process and has noted it as a risk area for consideration in the RBAEP planning exercise for future assurance work.

Pro-active disclosure of contracts: Contracts, including amendments, valued at over $10,000 meet minimum proactive disclosure requirements.

IA examined the contracts and Task Authorizations including amendments in the full sample and compared the data on file to the published proactive disclosure records to assess if:

  • all contracts and Task Authorizations including amendments over $10,000 are disclosed; and
  • the disclosed information is accurate. 
  1. Full sample – Pro-Active disclosure: IA reviewed the contracts and Task Authorizations in the full sample and cross-referenced this data with proactive disclosure records. We found that all contracts and Task Authorizations over $10,000 were disclosed, but the amendments to Task Authorizations over $10,000 have not all been disclosed. Some inconsistencies were also noted between the published information and the contract file data. For example:
    1. One contract was reported as “competitive – traditional” when the contract file indicated that it was a non-competitive contract against a Supply Arrangement.
    2. In multiple cases, the “solicitation procedure” field where input was required to describe whether the contract was competitively or non-competitively tendered was blank.
    3. The reported total cumulative value, including amendments, was different for a few Task Authorizations.

TC Procurement informed us that the information published on the pro-active disclosure website is based on the quality of data entered into Oracle by Procurement Officers in TC, and that TC Procurement is now reviewing the quality of data on a quarterly basis when preparing the pro-active disclosure reports. IA did not perform further testing procedures, as part of this review, to assess the pro-active disclosure process. We will share the details of the inconsistencies with TC Procurement and have noted it as a risk area for consideration in the RBAEP planning exercise for future assurance work.

Review criteria 2: Procurements comply with TC's internal contracting processes and controls.

Review sub-criteria: Procurements comply with TC's internal contracting processes and controls.

Test procedures performed to confirm whether sub-criteria are met: IA met with TC Procurement to identify the key departmental procurement controls that were unique to TC and determine whether they applied to the contracts in our sample. We also reviewed the documentation on file to determine compliance with departmental control processes.

Detailed observations:

  1. Full sample – Departmental procurement controls: TC has implemented several procurement controls that were unique to the department, in addition to the requirements in government contracting policies. IA found documentation which confirmed that most of the sampled contracts were compliant with the departmental controls, where applicable. For 2 contracts, IA did not find documentation on file for the internal peer review process. TC Procurement indicated that it could be due to a less standardized process in the past for keeping peer review documentation on file, which has since been improved.

    Specifically, TC Procurement identified the following key departmental controls:

    1. Senior Procurement Review Committee which is a departmental governance committee designed to play a challenge function on contracts that meet the pre-defined criteria.
    2. Internal peer review process, which is a review process implemented by TC Procurement designed to provide a challenge function on contracts awarded by TC.
    3. Quarterly quality assurance process, which took effect on July 1, 2022, was implemented by TC Procurement to provide additional oversight of TC's procurement activities and to ensure compliance to government contracting policies and regulations. The review process, defined in TC's Contract Compliance Review Framework, covers all procurement activities including Task Authorizations undertaken by the department, with the exception of acquisition card purchases and non-contractual financial commitments.

    We found that in the sample of 8 contracts:

    1. GC Strategies contracts – Senior Procurement Review Committee: 1 contract that met the criteria for the Senior Procurement Review Committee had completed the review checklist as required. The vendor of this contract was GC Strategies.
    2. GC Strategies contracts – Peer review: 4 contracts that were awarded by TC Procurement met the criteria for the peer review; however, only 2 contracts had a completed peer review checklist document on file. The vendor for all 4 contracts was GC Strategies. TC Procurement indicated that the peer review process was less standardized in the past where procurement officers could have completed the review without keeping formal documentation; however, the process has been standardized since 2022 to ensure consistency across all procurement officers.
    3. All samples – Quarterly quality assurance process: Since all 8 contracts in the sample were awarded prior to the implementation of the Quarterly quality assurance process, they were not subject to this process.

Annex C – Statement of conformance

This engagement conforms with the Government of Canada's Policy on Internal Audit and the Institute of Internal Auditors' International Standards for the Professional Practice of Internal Auditing, as supported by the results of an external assessment of Internal Audit's Quality Assurance and Improvement Program.

Chantal Roy, CIA

Chief Audit and Evaluation Executive